Java System Access Manager Security Vulnerabilities and Issues — Java System Access Manager CVE List

Lucene search

SunJava System Access Manager

3 matches found

CVE•added 2009/08/07 7:0 p.m.•60 views

CVE-2009-2713

The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote attackers to obtain sensitive information via unspecified vectors.

4.3CVSS5.9AI score0.00417EPSS

CVE•added 2007/01/31 6:28 p.m.•42 views

CVE-2007-0628

Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of these details are obtained fro...

4.3CVSS5.8AI score0.00766EPSS

CVE•added 2008/03/08 12:44 a.m.•31 views

CVE-2008-1204

Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows.

4.3CVSS5.8AI score0.00293EPSS